diff options
| author | Ade Lee <alee@redhat.com> | 2012-01-09 23:32:31 -0500 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2012-01-09 23:32:31 -0500 |
| commit | 466533710c179f62865e08b3031748072a0247a3 (patch) | |
| tree | 4c04c20d50239be26ba8319076de90226526a542 /pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java | |
| parent | c9e3c48de53fce6908f625f40ac2b2f75d66b5a1 (diff) | |
| download | pki-466533710c179f62865e08b3031748072a0247a3.tar.gz pki-466533710c179f62865e08b3031748072a0247a3.tar.xz pki-466533710c179f62865e08b3031748072a0247a3.zip | |
Formatting (no wrap)
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java')
| -rw-r--r-- | pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java | 624 |
1 files changed, 299 insertions, 325 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 6b25410e..3d63144d 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Enumeration; @@ -53,12 +52,10 @@ import com.netscape.certsrv.usrgrp.IUsrGrp; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.util.Debug; - /** - * This class defines low-level LDAP usr/grp management - * usr/grp information is located remotely on another - * LDAP server. - * + * This class defines low-level LDAP usr/grp management usr/grp information is + * located remotely on another LDAP server. + * * @author thomask * @author cfu * @version $Revision$, $Date$ @@ -74,7 +71,7 @@ public final class UGSubsystem implements IUGSubsystem { protected static final String GROUP_ATTR_VALUE = "groupofuniquenames"; protected static final String LDAP_ATTR_USER_CERT_STRING = "description"; - // protected static final String LDAP_ATTR_CERTDN = "seeAlso"; + // protected static final String LDAP_ATTR_CERTDN = "seeAlso"; protected static final String LDAP_ATTR_USER_CERT = "userCertificate"; protected static final String PROP_BASEDN = "basedn"; @@ -122,8 +119,8 @@ public final class UGSubsystem implements IUGSubsystem { /** * Connects to LDAP server. */ - public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { mLogger = CMS.getLogger(); mConfig = config; @@ -150,7 +147,7 @@ public final class UGSubsystem implements IUGSubsystem { // register admin servlet } - + /** * Disconnects usr/grp manager from the LDAP */ @@ -164,7 +161,7 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LDAP_SHUT", e.toString())); } } - + public IUser createUser(String id) { return new User(this, id); } @@ -212,16 +209,16 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); // read DN - LDAPSearchResults res = - ldapconn.search(userid, - LDAPv2.SCOPE_SUB, "(objectclass=*)", null, false); + LDAPSearchResults res = + ldapconn.search(userid, + LDAPv2.SCOPE_SUB, "(objectclass=*)", null, false); Enumeration<IUser> e = buildUsers(res); if (e.hasMoreElements()) { return (IUser) e.nextElement(); } } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -245,9 +242,9 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); String filter = LDAP_ATTR_USER_CERT_STRING + "=" + getCertificateString(cert); - LDAPSearchResults res = - ldapconn.search(getUserBaseDN(), - LDAPConnection.SCOPE_SUB, filter, null, false); + LDAPSearchResults res = + ldapconn.search(getUserBaseDN(), + LDAPConnection.SCOPE_SUB, filter, null, false); Enumeration<IUser> e = buildUsers(res); return (User) e.nextElement(); @@ -259,20 +256,20 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER", e.toString())); } catch (ELdapException e) { - String errMsg = - "find User: Could not get connection to internaldb. Error " + e; + String errMsg = + "find User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_INTERNAL_DB", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; } /** - * Searchs for identities that matches the certificate locater - * generated filter. + * Searchs for identities that matches the certificate locater generated + * filter. */ public IUser findUsersByCert(String filter) throws EUsrGrpException, LDAPException { @@ -290,8 +287,9 @@ public final class UGSubsystem implements IUGSubsystem { hasSlash = up.indexOf('\\'); while (hasSlash != -1) { - stripped += up.substring(0, hasSlash) + - "\\5c";; + stripped += up.substring(0, hasSlash) + + "\\5c"; + ; up = up.substring(hasSlash + 1); hasSlash = up.indexOf('\\'); } @@ -303,7 +301,7 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(" + filter + ")", + LDAPv2.SCOPE_SUB, "(" + filter + ")", null, false); Enumeration<IUser> e = buildUsers(res); @@ -317,13 +315,13 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } catch (ELdapException e) { - String errMsg = - "find Users By Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "find Users By Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -343,7 +341,7 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", + LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", null, false); Enumeration<IUser> e = buildUsers(res); @@ -357,12 +355,12 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } catch (ELdapException e) { - String errMsg = - "find Users: Could not get connection to internaldb. Error " + e; + String errMsg = + "find Users: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -370,8 +368,8 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Searchs for identities that matches the filter. - * retrieves uid only, for efficiency of user listing + * Searchs for identities that matches the filter. retrieves uid only, for + * efficiency of user listing */ public Enumeration<IUser> listUsers(String filter) throws EUsrGrpException { if (filter == null) { @@ -447,11 +445,12 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * builds a User instance. Sets only uid for user entry retrieved - * from LDAP server. for listing efficiency only. + * builds a User instance. Sets only uid for user entry retrieved from LDAP + * server. for listing efficiency only. + * * @return the User entity. */ - protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { + protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { IUser id = createUser(this, (String) entry.getAttribute("uid").getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); @@ -462,16 +461,16 @@ public final class UGSubsystem implements IUGSubsystem { if (cn != null) { id.setFullName(cn); } - + } LDAPAttribute certAttr = - entry.getAttribute(LDAP_ATTR_USER_CERT); + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector<X509Certificate> certVector = new Vector<X509Certificate>(); @SuppressWarnings("unchecked") - Enumeration<byte[]> e = certAttr.getByteValues(); + Enumeration<byte[]> e = certAttr.getByteValues(); try { for (; e != null && e.hasMoreElements();) { @@ -503,8 +502,9 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * builds a User instance. Set all attributes retrieved from - * LDAP server and set them on User. + * builds a User instance. Set all attributes retrieved from LDAP server and + * set them on User. + * * @return the User entity. */ protected IUser buildUser(LDAPEntry entry) throws EUsrGrpException { @@ -524,9 +524,9 @@ public final class UGSubsystem implements IUGSubsystem { if (userdn != null) { id.setUserDN(userdn); - } else { // the impossible + } else { // the impossible String errMsg = "buildUser(): user DN not found: " + - userdn; + userdn; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BUILD_USER")); @@ -534,22 +534,19 @@ public final class UGSubsystem implements IUGSubsystem { } /* - LDAPAttribute certdnAttr = entry.getAttribute(LDAP_ATTR_CERTDN); - if (certdnAttr != null) { - String cdn = (String)certdnAttr.getStringValues().nextElement(); - if (cdn != null) { - id.setCertDN(cdn); - } - } + * LDAPAttribute certdnAttr = entry.getAttribute(LDAP_ATTR_CERTDN); if + * (certdnAttr != null) { String cdn = + * (String)certdnAttr.getStringValues().nextElement(); if (cdn != null) + * { id.setCertDN(cdn); } } */ LDAPAttribute mailAttr = entry.getAttribute("mail"); if (mailAttr != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = mailAttr.getStringValues(); + Enumeration<String> en = mailAttr.getStringValues(); if (en != null && en.hasMoreElements()) { - String mail = en.nextElement(); + String mail = en.nextElement(); if (mail != null) { id.setEmail(mail); @@ -573,7 +570,7 @@ public final class UGSubsystem implements IUGSubsystem { if (phoneAttr != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = phoneAttr.getStringValues(); + Enumeration<String> en = phoneAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String phone = (String) en.nextElement(); @@ -589,20 +586,20 @@ public final class UGSubsystem implements IUGSubsystem { LDAPAttribute userTypeAttr = entry.getAttribute("usertype"); - if (userTypeAttr == null) + if (userTypeAttr == null) id.setUserType(""); else { @SuppressWarnings("unchecked") - Enumeration<String> en = userTypeAttr.getStringValues(); + Enumeration<String> en = userTypeAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String userType = (String) en.nextElement(); - if ((userType != null) && (! userType.equals("undefined"))) + if ((userType != null) && (!userType.equals("undefined"))) id.setUserType(userType); else id.setUserType(""); - + } } @@ -612,7 +609,7 @@ public final class UGSubsystem implements IUGSubsystem { id.setState(""); else { @SuppressWarnings("unchecked") - Enumeration<String> en = userStateAttr.getStringValues(); + Enumeration<String> en = userStateAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String userState = (String) en.nextElement(); @@ -621,17 +618,17 @@ public final class UGSubsystem implements IUGSubsystem { id.setState(userState); else id.setState(""); - + } } LDAPAttribute certAttr = - entry.getAttribute(LDAP_ATTR_USER_CERT); + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector<X509Certificate> certVector = new Vector<X509Certificate>(); @SuppressWarnings("unchecked") - Enumeration<byte[]> e = certAttr.getByteValues(); + Enumeration<byte[]> e = certAttr.getByteValues(); try { for (; e != null && e.hasMoreElements();) { @@ -667,24 +664,21 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Adds identity. Certificates handled by a separate call to - * addUserCert() + * Adds identity. Certificates handled by a separate call to addUserCert() */ public void addUser(IUser identity) throws EUsrGrpException, LDAPException { User id = (User) identity; if (id == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); } if (id.getUserID() == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); } LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = {"top", "person", "organizationalPerson", + String oc[] = { "top", "person", "organizationalPerson", "inetOrgPerson", "cmsuser" }; attrs.add(new LDAPAttribute("objectclass", oc)); @@ -695,29 +689,30 @@ public final class UGSubsystem implements IUGSubsystem { if (id.getPhone() != null) { // DS syntax checking requires a value for PrintableString syntax - if (! id.getPhone().equals("")) { + if (!id.getPhone().equals("")) { attrs.add(new LDAPAttribute("telephonenumber", id.getPhone())); } } - attrs.add(new LDAPAttribute("userpassword", + attrs.add(new LDAPAttribute("userpassword", id.getPassword())); if (id.getUserType() != null) { // DS syntax checking requires a value for Directory String syntax - // but usertype is a MUST attribute, so we need to add something here + // but usertype is a MUST attribute, so we need to add something + // here // if it is undefined. - - if (! id.getUserType().equals("")) { - attrs.add(new LDAPAttribute("usertype", id.getUserType())); + + if (!id.getUserType().equals("")) { + attrs.add(new LDAPAttribute("usertype", id.getUserType())); } else { - attrs.add(new LDAPAttribute("usertype", "undefined")); + attrs.add(new LDAPAttribute("usertype", "undefined")); } } if (id.getState() != null) { // DS syntax checking requires a value for Directory String syntax - if (! id.getState().equals("")) { + if (!id.getState().equals("")) { attrs.add(new LDAPAttribute("userstate", id.getState())); } } @@ -729,9 +724,9 @@ public final class UGSubsystem implements IUGSubsystem { String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERFORMAT, - new Object[] {adminId, id.getUserID()} - ); + AuditFormat.LEVEL, AuditFormat.ADDUSERFORMAT, + new Object[] { adminId, id.getUserID() } + ); LDAPConnection ldapconn = null; @@ -739,12 +734,12 @@ public final class UGSubsystem implements IUGSubsystem { ldapconn = getConn(); ldapconn.add(entry); } catch (ELdapException e) { - String errMsg = - "add User: Could not get connection to internaldb. Error " + e; + String errMsg = + "add User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -764,27 +759,27 @@ public final class UGSubsystem implements IUGSubsystem { LDAPModificationSet addCert = new LDAPModificationSet(); if ((cert = user.getX509Certificates()) != null) { - LDAPAttribute attrCertStr = new - LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute attrCertStr = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); /* - LDAPAttribute attrCertDNStr = new - LDAPAttribute(LDAP_ATTR_CERTDN); + * LDAPAttribute attrCertDNStr = new + * LDAPAttribute(LDAP_ATTR_CERTDN); */ - LDAPAttribute attrCertBin = new - LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute attrCertBin = new + LDAPAttribute(LDAP_ATTR_USER_CERT); try { attrCertBin.addValue(cert[0].getEncoded()); attrCertStr.addValue(getCertificateString(cert[0])); - // attrCertDNStr.addValue(cert[0].getSubjectDN().toString()); + // attrCertDNStr.addValue(cert[0].getSubjectDN().toString()); } catch (CertificateEncodingException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER_CERT", e.toString())); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); } addCert.add(LDAPModification.ADD, attrCertStr); - //addCert.add(LDAPModification.ADD, attrCertDNStr); + // addCert.add(LDAPModification.ADD, attrCertDNStr); addCert.add(LDAPModification.ADD, attrCertBin); LDAPConnection ldapconn = null; @@ -792,17 +787,17 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), addCert); + "," + getUserBaseDN(), addCert); // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERCERTFORMAT, - new Object[] {adminId, user.getUserID(), - cert[0].getSubjectDN().toString(), - cert[0].getSerialNumber().toString(16)} - ); + AuditFormat.LEVEL, AuditFormat.ADDUSERCERTFORMAT, + new Object[] { adminId, user.getUserID(), + cert[0].getSubjectDN().toString(), + cert[0].getSerialNumber().toString(16) } + ); } catch (LDAPException e) { if (Debug.ON) { @@ -816,13 +811,13 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); throw e; } catch (ELdapException e) { - String errMsg = - "add User Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "add User Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -831,9 +826,9 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Removes a user certificate for a user entry - * given a user certificate DN (actually, a combination of version, - * serialNumber, issuerDN, and SubjectDN), and it gets removed + * Removes a user certificate for a user entry given a user certificate DN + * (actually, a combination of version, serialNumber, issuerDN, and + * SubjectDN), and it gets removed */ public void removeUserCert(IUser identity) throws EUsrGrpException { User user = (User) identity; @@ -854,23 +849,21 @@ public final class UGSubsystem implements IUGSubsystem { X509Certificate[] certs = ldapUser.getX509Certificates(); if (certs == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } String delCertdn = user.getCertDN(); if (delCertdn == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } LDAPAttribute certAttr = new - LDAPAttribute(LDAP_ATTR_USER_CERT); - LDAPAttribute certAttrS = new - LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute certAttrS = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); - //LDAPAttribute certDNAttrS = new LDAPAttribute(LDAP_ATTR_CERTDN); + // LDAPAttribute certDNAttrS = new LDAPAttribute(LDAP_ATTR_CERTDN); int certCount = 0; @@ -888,74 +881,73 @@ public final class UGSubsystem implements IUGSubsystem { try { certAttr.addValue(certs[i].getEncoded()); certAttrS.addValue(getCertificateString(certs[i])); - // certDNAttrS.addValue(certs[i].getSubjectDN().toString()); + // certDNAttrS.addValue(certs[i].getSubjectDN().toString()); } catch (CertificateEncodingException e) { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); } attrs.add(LDAPModification.DELETE, certAttr); attrs.add(LDAPModification.DELETE, certAttrS); - //attrs.add(LDAPModification.DELETE, certDNAttrS); + // attrs.add(LDAPModification.DELETE, certDNAttrS); LDAPConnection ldapconn = null; try { ldapconn = getConn(); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), attrs); + "," + getUserBaseDN(), attrs); certCount++; // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, - ILogger.S_USRGRP, - AuditFormat.LEVEL, - AuditFormat.REMOVEUSERCERTFORMAT, - new Object[] {adminId, user.getUserID(), - certs[0].getSubjectDN().toString(), - certs[i].getSerialNumber().toString(16)} - ); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_USRGRP, + AuditFormat.LEVEL, + AuditFormat.REMOVEUSERCERTFORMAT, + new Object[] { adminId, user.getUserID(), + certs[0].getSubjectDN().toString(), + certs[i].getSerialNumber().toString(16) } + ); } catch (LDAPException e) { String errMsg = "removeUserCert():" + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = + errMsg = "removeUserCert: " + "Internal DB is unavailable"; } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove User Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "remove User Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } } if (certCount == 0) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } return; } - public void removeUserFromGroup(IGroup grp, String userid) - throws EUsrGrpException { - + public void removeUserFromGroup(IGroup grp, String userid) + throws EUsrGrpException { + LDAPConnection ldapconn = null; try { ldapconn = getConn(); - String groupDN = "cn=" + grp.getGroupID() + - "," + getGroupBaseDN(); + String groupDN = "cn=" + grp.getGroupID() + + "," + getGroupBaseDN(); LDAPAttribute memberAttr = new LDAPAttribute( "uniquemember", "uid=" + userid + "," + getUserBaseDN()); LDAPModification singleChange = new LDAPModification( @@ -972,12 +964,12 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "removeUserFromGroup: Could not get connection to internaldb. Error " + e; + String errMsg = + "removeUserFromGroup: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1000,9 +992,9 @@ public final class UGSubsystem implements IUGSubsystem { String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.REMOVEUSERFORMAT, - new Object[] {adminId, userid} - ); + AuditFormat.LEVEL, AuditFormat.REMOVEUSERFORMAT, + new Object[] { adminId, userid } + ); } catch (LDAPException e) { String errMsg = "removeUser()" + e.toString(); @@ -1014,25 +1006,25 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove User: Could not get connection to internaldb. Error " + e; + String errMsg = + "remove User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * modifies user attributes. Certs are handled separately + * modifies user attributes. Certs are handled separately */ public void modifyUser(IUser identity) throws EUsrGrpException { User user = (User) identity; String st = null; /** - X509Certificate certs[] = null; + * X509Certificate certs[] = null; **/ LDAPModificationSet attrs = new LDAPModificationSet(); @@ -1045,10 +1037,10 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); if ((st = user.getFullName()) != null) { - attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("sn", st)); - attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("cn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("sn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("cn", st)); } if ((st = user.getEmail()) != null) { LDAPAttribute ld = new LDAPAttribute("mail", st); @@ -1057,37 +1049,37 @@ public final class UGSubsystem implements IUGSubsystem { } if ((st = user.getPassword()) != null && (!st.equals(""))) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("userpassword", st)); + new LDAPAttribute("userpassword", st)); } if ((st = user.getPhone()) != null) { - if (! st.equals("")) { + if (!st.equals("")) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("telephonenumber", st)); + new LDAPAttribute("telephonenumber", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute("telephonenumber")); + LDAPModification.DELETE, new LDAPAttribute("telephonenumber")); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), singleChange); + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting telephonenumber"); throw e; } } - } + } } if ((st = user.getState()) != null) { - if (! st.equals("")) { + if (!st.equals("")) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("userstate", st)); + new LDAPAttribute("userstate", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute("userstate")); + LDAPModification.DELETE, new LDAPAttribute("userstate")); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), singleChange); + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting userstate"); @@ -1095,45 +1087,39 @@ public final class UGSubsystem implements IUGSubsystem { } } } - } + } /** - if ((certs = user.getCertificates()) != null) { - LDAPAttribute attrCertStr = new - LDAPAttribute("description"); - LDAPAttribute attrCertBin = new - LDAPAttribute(LDAP_ATTR_USER_CERT); - for (int i = 0 ; i < certs.length; i++) { - attrCertBin.addValue(certs[i].getEncoded()); - attrCertStr.addValue(getCertificateString(certs[i])); - } - attrs.add(attrCertStr); - - if (user.getCertOp() == OpDef.ADD) { - attrs.add(LDAPModification.ADD, attrCertBin); - } else if (user.getCertOp() == OpDef.DELETE) { - attrs.add(LDAPModification.DELETE, attrCertBin); - } else { - throw new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); - } - } + * if ((certs = user.getCertificates()) != null) { LDAPAttribute + * attrCertStr = new LDAPAttribute("description"); LDAPAttribute + * attrCertBin = new LDAPAttribute(LDAP_ATTR_USER_CERT); for (int i + * = 0 ; i < certs.length; i++) { + * attrCertBin.addValue(certs[i].getEncoded()); + * attrCertStr.addValue(getCertificateString(certs[i])); } + * attrs.add(attrCertStr); + * + * if (user.getCertOp() == OpDef.ADD) { + * attrs.add(LDAPModification.ADD, attrCertBin); } else if + * (user.getCertOp() == OpDef.DELETE) { + * attrs.add(LDAPModification.DELETE, attrCertBin); } else { throw + * new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); } } **/ ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), attrs); + "," + getUserBaseDN(), attrs); // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.MODIFYUSERFORMAT, - new Object[] {adminId, user.getUserID()} - ); + AuditFormat.LEVEL, AuditFormat.MODIFYUSERFORMAT, + new Object[] { adminId, user.getUserID() } + ); } catch (Exception e) { - //e.printStackTrace(); + // e.printStackTrace(); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1161,15 +1147,15 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); - LDAPSearchResults res = - ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, - "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", - null, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + null, false); return buildGroups(res); } catch (LDAPException e) { - String errMsg = - "findGroups: could not find group " + filter + ". Error " + e; + String errMsg = + "findGroups: could not find group " + filter + ". Error " + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findGroups: " + "Internal DB is unavailable"; @@ -1177,13 +1163,13 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } catch (ELdapException e) { - String errMsg = - "find Groups: Could not get connection to internaldb. Error " + e; + String errMsg = + "find Groups: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1197,10 +1183,10 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * List groups. more efficient than find Groups. only retrieves - * group names and description. + * List groups. more efficient than find Groups. only retrieves group names + * and description. */ - public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException { + public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException { if (filter == null) { return null; } @@ -1214,10 +1200,10 @@ public final class UGSubsystem implements IUGSubsystem { attrs[1] = "description"; ldapconn = getConn(); - LDAPSearchResults res = - ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, - "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", - attrs, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + attrs, false); return buildGroups(res); } catch (LDAPException e) { @@ -1228,12 +1214,12 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } catch (ELdapException e) { - String errMsg = - "list Groups: Could not get connection to internaldb. Error " + e; + String errMsg = + "list Groups: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; @@ -1243,14 +1229,14 @@ public final class UGSubsystem implements IUGSubsystem { * builds an instance of a Group entry */ protected IGroup buildGroup(LDAPEntry entry) { - String groupName = (String)entry.getAttribute("cn").getStringValues().nextElement(); + String groupName = (String) entry.getAttribute("cn").getStringValues().nextElement(); IGroup grp = createGroup(this, groupName); - + LDAPAttribute grpDesc = entry.getAttribute("description"); if (grpDesc != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = grpDesc.getStringValues(); + Enumeration<String> en = grpDesc.getStringValues(); if (en != null && en.hasMoreElements()) { String desc = (String) en.nextElement(); @@ -1282,26 +1268,26 @@ public final class UGSubsystem implements IUGSubsystem { } @SuppressWarnings("unchecked") - Enumeration<String> e = attr.getStringValues(); + Enumeration<String> e = attr.getStringValues(); while (e.hasMoreElements()) { String v = (String) e.nextElement(); - // grp.addMemberName(v); + // grp.addMemberName(v); // DOES NOT SUPPORT NESTED GROUPS... - /* BAD_GROUP_MEMBER message goes to system log - * We are testing unique member attribute for - * 1. presence of uid string - * 2. presence and sequence of equal sign and comma - * 3. absence of equal sign between previously found equal sign and comma - * 4. absence of non white space characters between uid string and equal sign - */ + /* + * BAD_GROUP_MEMBER message goes to system log We are testing unique + * member attribute for 1. presence of uid string 2. presence and + * sequence of equal sign and comma 3. absence of equal sign between + * previously found equal sign and comma 4. absence of non white + * space characters between uid string and equal sign + */ int i = -1; int j = -1; - if (v == null || v.length() < 3 || (!(v.substring(0,3)).equalsIgnoreCase("uid")) || - ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) || i > j || - (v.substring(i+1, j)).indexOf('=') > -1 || ((v.substring(3, i)).trim()).length() > 0) { + if (v == null || v.length() < 3 || (!(v.substring(0, 3)).equalsIgnoreCase("uid")) || + ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) || i > j || + (v.substring(i + 1, j)).indexOf('=') > -1 || ((v.substring(3, i)).trim()).length() > 0) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BAD_GROUP_MEMBER", groupName, v)); } else { grp.addMemberName(v.substring(v.indexOf('=') + 1, v.indexOf(','))); @@ -1316,22 +1302,20 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Retrieves a group from LDAP - * NOTE - this takes just the group name. + * Retrieves a group from LDAP NOTE - this takes just the group name. */ public IGroup getGroupFromName(String name) { return getGroup("cn=" + name + "," + getGroupBaseDN()); } /** - * Retrieves a group from LDAP - * NOTE - LH This takes a full LDAP DN. + * Retrieves a group from LDAP NOTE - LH This takes a full LDAP DN. */ public IGroup getGroup(String name) { if (name == null) { return null; } - + LDAPConnection ldapconn = null; try { @@ -1372,7 +1356,7 @@ public final class UGSubsystem implements IUGSubsystem { return false; } @SuppressWarnings("unchecked") - Enumeration<String> en = attr.getStringValues(); + Enumeration<String> en = attr.getStringValues(); for (; en.hasMoreElements();) { String v = (String) en.nextElement(); @@ -1390,91 +1374,84 @@ public final class UGSubsystem implements IUGSubsystem { return false; } - public boolean isMemberOf(String userid, String groupname) - { + public boolean isMemberOf(String userid, String groupname) { try { - IUser user = getUser(userid); - return isMemberOfLdapGroup(user.getUserDN(), groupname); + IUser user = getUser(userid); + return isMemberOfLdapGroup(user.getUserDN(), groupname); } catch (Exception e) { - /* do nothing */ + /* do nothing */ } return false; } /** - * Checks if the given user is a member of the given group - * (now runs an ldap search to find the user, instead of - * fetching the entire group entry) + * Checks if the given user is a member of the given group (now runs an ldap + * search to find the user, instead of fetching the entire group entry) */ - public boolean isMemberOf(IUser id, String name) { - if (id == null) { - log(ILogger.LL_WARN, "isMemberOf(): id is null"); - return false; + public boolean isMemberOf(IUser id, String name) { + if (id == null) { + log(ILogger.LL_WARN, "isMemberOf(): id is null"); + return false; } - if (name == null) { - log(ILogger.LL_WARN, "isMemberOf(): name is null"); - return false; + if (name == null) { + log(ILogger.LL_WARN, "isMemberOf(): name is null"); + return false; } - Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); - return isMemberOfLdapGroup(id.getUserDN(),name); + Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); + return isMemberOfLdapGroup(id.getUserDN(), name); } - /** - * checks if the given user DN is in the specified group - * by running an ldap search for the user in the group + * checks if the given user DN is in the specified group by running an ldap + * search for the user in the group */ - protected boolean isMemberOfLdapGroup(String userid,String groupname) - { - String basedn = "cn="+groupname+",ou=groups,"+mBaseDN; + protected boolean isMemberOfLdapGroup(String userid, String groupname) { + String basedn = "cn=" + groupname + ",ou=groups," + mBaseDN; LDAPConnection ldapconn = null; - boolean founduser=false; + boolean founduser = false; try { - // the group could potentially have many thousands - // of members, (many values of the uniquemember - // attribute). So, we don't want to fetch this - // list each time. We'll just fetch the CN. - String attrs[]= new String[1]; - attrs[0] = "cn"; + // the group could potentially have many thousands + // of members, (many values of the uniquemember + // attribute). So, we don't want to fetch this + // list each time. We'll just fetch the CN. + String attrs[] = new String[1]; + attrs[0] = "cn"; ldapconn = getConn(); - - String filter = "(uniquemember="+userid+")"; - Debug.trace("authorization search base: "+basedn); - Debug.trace("authorization search filter: "+filter); + String filter = "(uniquemember=" + userid + ")"; + Debug.trace("authorization search base: " + basedn); + Debug.trace("authorization search filter: " + filter); LDAPSearchResults res = - ldapconn.search(basedn, LDAPv2.SCOPE_BASE, - filter, - attrs, false); - // If the result had at least one entry, we know - // that the filter matched, and so the user correctly - // authenticated. - if (res.hasMoreElements()) { - // actually read the entry - LDAPEntry entry = (LDAPEntry)res.nextElement(); - founduser=true; - } - Debug.trace("authorization result: "+founduser); - } catch (LDAPException e) { - String errMsg = - "isMemberOfLdapGroup: could not find group "+groupname+". Error "+e; - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = "isMemberOfLdapGroup: "+"Internal DB is unavailable"; - } - Debug.trace("authorization exception: "+errMsg); - // too chatty in system log - // log(ILogger.LL_FAILURE, errMsg); - } - catch (ELdapException e) { - String errMsg = - "isMemberOfLdapGroup: Could not get connection to internaldb. Error "+e; - Debug.trace("authorization exception: "+errMsg); + ldapconn.search(basedn, LDAPv2.SCOPE_BASE, + filter, + attrs, false); + // If the result had at least one entry, we know + // that the filter matched, and so the user correctly + // authenticated. + if (res.hasMoreElements()) { + // actually read the entry + LDAPEntry entry = (LDAPEntry) res.nextElement(); + founduser = true; + } + Debug.trace("authorization result: " + founduser); + } catch (LDAPException e) { + String errMsg = + "isMemberOfLdapGroup: could not find group " + groupname + ". Error " + e; + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { + errMsg = "isMemberOfLdapGroup: " + "Internal DB is unavailable"; + } + Debug.trace("authorization exception: " + errMsg); + // too chatty in system log + // log(ILogger.LL_FAILURE, errMsg); + } catch (ELdapException e) { + String errMsg = + "isMemberOfLdapGroup: Could not get connection to internaldb. Error " + e; + Debug.trace("authorization exception: " + errMsg); log(ILogger.LL_FAILURE, errMsg); - } - finally { + } finally { if (ldapconn != null) returnConn(ldapconn); } @@ -1495,7 +1472,7 @@ public final class UGSubsystem implements IUGSubsystem { try { LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = {"top", "groupOfUniqueNames"}; + String oc[] = { "top", "groupOfUniqueNames" }; attrs.add(new LDAPAttribute("objectclass", oc)); attrs.add(new LDAPAttribute("cn", group.getGroupID())); @@ -1509,8 +1486,8 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + - getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } attrs.add(attrMembers); } @@ -1529,19 +1506,19 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = - "add Group: Could not get connection to internaldb. Error " + e; + String errMsg = + "add Group: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * Removes a group. Can't remove SUPER_CERT_ADMINS + * Removes a group. Can't remove SUPER_CERT_ADMINS */ public void removeGroup(String name) throws EUsrGrpException { if (name == null) { @@ -1566,9 +1543,9 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove Group: Could not get connection to internaldb. " + - "Error " + e; + String errMsg = + "remove Group: Could not get connection to internaldb. " + + "Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", e.toString())); } finally { @@ -1594,8 +1571,8 @@ public final class UGSubsystem implements IUGSubsystem { String desc = grp.getDescription(); if (desc != null) { - mod.add(LDAPModification.REPLACE, - new LDAPAttribute("description", desc)); + mod.add(LDAPModification.REPLACE, + new LDAPAttribute("description", desc)); } Enumeration<String> e = grp.getMemberNames(); @@ -1605,8 +1582,8 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + - getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } mod.add(LDAPModification.REPLACE, attrMembers); } else { @@ -1614,14 +1591,13 @@ public final class UGSubsystem implements IUGSubsystem { mod.add(LDAPModification.DELETE, attrMembers); } else { // not allowed - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); } } ldapconn = getConn(); ldapconn.modify("cn=" + grp.getGroupID() + - "," + getGroupBaseDN(), mod); + "," + getGroupBaseDN(), mod); } catch (LDAPException e) { String errMsg = " modifyGroup()" + e.toString(); @@ -1641,18 +1617,17 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Evalutes the given context with the attribute - * critieria. + * Evalutes the given context with the attribute critieria. */ - public boolean evaluate(String type, IUser id, - String op, String value) { + public boolean evaluate(String type, IUser id, + String op, String value) { if (op.equals("=")) { if (type.equalsIgnoreCase("user")) { if (isMatched(value, id.getName())) return true; } if (type.equalsIgnoreCase("group")) { - return isMemberOf(id, value); + return isMemberOf(id, value); } } return false; @@ -1682,21 +1657,20 @@ public final class UGSubsystem implements IUGSubsystem { return entry.getDN(); } } catch (ELdapException e) { - String errMsg = - "convertUIDtoDN: Could not get connection to internaldb. " + - "Error " + e; + String errMsg = + "convertUIDtoDN: Could not get connection to internaldb. " + + "Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_CONVERT_UID", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; } /** - * Checks if the given DNs are the same after - * normalization. + * Checks if the given DNs are the same after normalization. */ protected boolean isMatched(String dn1, String dn2) { String rdn1[] = LDAPDN.explodeDN(dn1, false); @@ -1714,8 +1688,8 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Converts certificate into string format. - * should eventually go into the locator itself + * Converts certificate into string format. should eventually go into the + * locator itself */ protected String getCertificateStringWithoutVersion(X509Certificate cert) { if (cert == null) { @@ -1723,7 +1697,7 @@ public final class UGSubsystem implements IUGSubsystem { } // note that it did not represent a certificate fully return "-1;" + cert.getSerialNumber().toString() + - ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } public String getCertificateString(X509Certificate cert) { @@ -1733,7 +1707,7 @@ public final class UGSubsystem implements IUGSubsystem { // note that it did not represent a certificate fully return cert.getVersion() + ";" + cert.getSerialNumber().toString() + - ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } /** @@ -1751,13 +1725,13 @@ public final class UGSubsystem implements IUGSubsystem { } protected LDAPConnection getConn() throws ELdapException { - if (mLdapConnFactory == null) + if (mLdapConnFactory == null) return null; return mLdapConnFactory.getConn(); } protected void returnConn(LDAPConnection conn) { - if (mLdapConnFactory != null) + if (mLdapConnFactory != null) mLdapConnFactory.returnConn(conn); } @@ -1765,7 +1739,7 @@ public final class UGSubsystem implements IUGSubsystem { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, - level, "UGSubsystem: " + msg); + level, "UGSubsystem: " + msg); } public ICertUserLocator getCertUserLocator() { |